Welcome to HBH! If you have tried to register and didn't get a verification email, please using the following link to resend the verification email.

ALL basic and javascript


ALL basic and javascript

By ghostghost | 36640 Reads |
0     0

OK THIS IS MY ARTICLE SO RATE IT IF YOU LIKE IT OR IF YOU DONT

—+BASIC+—

Basic 1: ok this one is very simple you should know how to do this if you dont, well why not right click the page and see what you can view

Basic 2: this is an iframe (as im sure you can tell) you need to find out where the iframe is reading from so why not view the source? remember the “..” makes it go back a directory

Basic 3: ok for this you need to have firefox if you dont have it GET IT! a user agent tell what browser you use there is a way to spoof this why not look for a plug-in?

Basic 4: ok so the file isnt found in basic4. well sometimes people type in the dark and they cant really see their number keys they might have put the file in the wrong directory

Basic 5: Asterix-Project could have something to do with an Asterix why not try it? o is that an error?
hint:the asterix is a wild card in this php script maybe it will work with the login now just to find out how Unix stores passes

Basic 6: ok so this is Unix so u need unix commands but first you need to find out where the LOGS might be stored dont forget the $

Basic 7: well he made a ASCII encryption? well i wonder wat that is? HINT: 01100101 well we need to encrypt our username wonder wat that is? well here is an article to help you out http://nexodyne.com/archive/index.php?t-14736.html now u need to void the right cookie and dont forget to refresh dang not done yet now we need to learn sql injection well i went ahead and got you an article http://www.securiteam.com/securityreviews/5DP0N1P76E.html

Basic 8: well mess around with the page try a password o wat is that? an sql error hmm looks enteresting we might need that later ok well how would we use this? o well why not check the source? ooo thats interesting dont understand it? well something like it is on the URL of like almost everypage of this site ok now to use the sql error we found if u do it right u will get the pass

Basic 9:ok well u can search the files sorry the * doesnt work here :P well i wonder where the files are stored… found it? good well now u want to trick the machine to give you information bout the script that you shouldnt have so go google about poison null byte

Basic 10: well you are FORBIDDEN to view this lol so why not view the source? whoa wat is that? well find out how to spoof IP’s

Basic 11: well this takes us back to basic 3 why not have a look at some of the other user agents

Basic 12: well you cant see the protected folder so why not have a look around the page u can see. wait does that say wat page its showin us?! awesome well why not try to view the page you want to see hmm that didnt work well u might want to figure out how to access a page well that takes you to another page go there wait its an DES encryption so use JTR with a wordlist it will be cracked in no time

Basic 13: well ok so u have to log in as George but he isnt on the list so u have to change the list so download the source and do wat u have to. still not workin? well then its time for you to take ACTION

Basic 14: well this is sort of back to basics lol try viewin the source. you should kno wat to do from there

Basic 15: hmm maybe these are gettin easier? try viewin the source and find wat u need to

Basic 16: suddenly i cant stop thinking of Basic 7

—+JAVASCRIPT+—

JS 1: this one is easy try viewin the source and u should kno wat to do

JS 2: WAIT! dont click the link i wouldnt want you to get trapped in a loop ok well i only kno how to do this in firefox so use it now u want to view the source of the page without actually going to it HINT:view-source:URL so do you see where the JS is reading from? why not go there? do you see what i see? well there ya go

JS 3:ok well view the source. whoa thats alot of code that i see try decrypting it u should prbly kno the encryption see the text? well thats the user and pass so use them

JS 4: well if you kno xss this is really easy you need to alert the cookies but javascript:alert doesnt show the hidden cookie so try using some other kind of SCRIPT

JS 5: well first find out where the JS is reading from and go there then learn about the function it uses and if you have passed 1st grade math u can beat the rest

JS 6: well first view the source and see where it will take you if you get it right. well add already :P

JS 7: well if you get it wrong u have to go bak this sort of reminds me of JS 2 well now u have the source so save it and make it alert wat u need

JS 8: ok first this is the only thing i do in IE i have had trouble doin this one in firefox ok well u see the encryption? well its a hex encryption so decrypt it o but its all gibberish well try it anyway wait is the source new? well i wonder wat the simplest thing u could do wit this is?

JS 9: well i guess its finally time to sit back and relax JK :P ok well save the source and find wat you need to change o but the pass doesnt work well i wonder wat all that encryption is ooo look a form well change where the form sends the info to and encrypt it and put it bak in the source

JS 10, 11, and 12: ok these are all really easy just make it alert wat u need it to

JS 13: not authorized? well wat checks authorization? void it

JS 14: ok well its just back up so this one is really easy jus go where u need to

JS 15: view the soure and learn abot the charAt function this one took me awhile even if u think u r doin it wrong u r probly doin it right

WELL THATS MY ARTICLE RATE IT IF YOU LIKE IT OR IF YOU DONT

Comments
ghost's avatar
ghost 18 years ago

Not bad, but honestly I'd personally prefer lots of articles explaining every challenge in detail rather than one that briefly summarizing each one ;)

ghost's avatar
ghost 18 years ago

yea well this is just to get peoples feet wet in each challenge without giving away too much but i kno wat ur sayin thanx for commenting :)

korg's avatar
korg 18 years ago

Not to be a dick but all these have been covered more than once, twice so many times. We need new material in the articles and tutorials not the same thing over and over again. Just my thoughts. Nice job otherwise.

ghost's avatar
ghost 18 years ago

yea i know i just wanted to contribute even if it wasnt much at least its another article but im glad to haveur opinion thanx :)

What_A_Legend's avatar
What_A_Legend 18 years ago

the chalanges are not written in much detail, it wouldn't of helped me if i was stuck on these missions, but it was a good idea to combine all the challanges in one article :D

ghost's avatar
ghost 18 years ago

yea i was wanting one place where people could go without lookin for an article each time and i didnt want to give too much away:)

ghost's avatar
ghost 18 years ago

Your spelling confuses me alot.. :S

Blunt's avatar
Blunt 17 years ago

Good for me I have people like you this was helpful w3

ghost's avatar
ghost 17 years ago

thank you :)

ghost's avatar
ghost 17 years ago

THANK YOU!!!

ghost's avatar
ghost 17 years ago

you suck

ghost's avatar
ghost 17 years ago

awesome!!! :D

ghost's avatar
ghost 16 years ago

Thanks this article is proving useful to me, its not too much given away which is a spoil when people give too much info away. I prefer articles like this and you will learn more in my opinion trying to use your brain not by articles giving challenges in great detail this is perfect A1+++++ – very good hints enough to keep my appetite wet ;)

Legilimens's avatar
Legilimens 13 years ago

it's helpful if you have no idea where to start, but I generally prefer more detailed explanations

newbee's avatar
newbee 12 years ago

in js3 i got the username and the pass but when i click login then it just redirects me to the index.php of js3 .

darksage92's avatar
darksage92 10 years ago

I tried changing the OS part of user agent to HellBoundHackersOS for Basic 11 but it did not work.

Shai123's avatar
Shai123 9 years ago

test